i try to terminate a session in my own module by setting the creation
time and flushing the cache, unfortunately by the next request from the
same client i get the same session again. (actually it seems to take it
from the cache (ignoring the openssl sessioncache attributes).

is there any way i can force mod_ssl to explicitly invalidate a session
so it will get deleted from the cache aswell ?